<?php
	session_name('LGMT');
	session_start();
	include('config.php');
	mysql_connect($m_host, $m_username, $m_password);
	mysql_select_db($m_db);
	
	if (!$_SESSION['rank']) $_SESSION['rank'] = 0;
	
	if ($_SESSION['user_id']) {
		$user_infos = fetch_user_infos($_SESSION['user_id']);
		if ($user_infos['banned'] == 1) {
			die('Vous avez été banni.');
		}
	}

	$website_q = mysql_query("SELECT * FROM website");
	$website_infos = mysql_fetch_array($website_q);
	
	if (($website_infos['maintenance'] == 1) AND ($_SESSION['rank'] < 3)) {
		header('Location: http://lgmt.info/maintenance.php');
	}
	
	if ($_GET['action'] == 'disconnect') {
		$_SESSION = array();
		$session_name = session_name();
		session_destroy();
		if (isset( $_COOKIE[ $session_name ] ) ) {
			if (setcookie(session_name(), '', time()-3600, '/') ) {
			header('Location: http://lgmt.info/');
				exit();   
			}
			else
			{
				// do_nothing
			}
		}
	}
	
	if (($_GET['reset_password']) AND ($_GET['check'])) {
		PasswordReset($_GET['reset_password'], $_GET['check']);
	}
	
	if (isset($_POST['username']) AND isset($_POST['pswd'])) {
		$username = $_POST['username'];
		$password = sha1($_POST['pswd']);
		$query = sprintf("SELECT * FROM members WHERE pseudo='%s' LIMIT 1",
			mysql_real_escape_string($username));
		$user_q = mysql_query($query);
		$user = mysql_fetch_array($user_q);
		if ($password == $user['password']) {
			$user_id = $user['id'];
			$_SESSION['user_id'] = $user['id'];
			$_SESSION['username'] = $user['username'];
			$_SESSION['rank'] = $user['rights'];
			$user_ip = $_SERVER['REMOTE_ADDR'];
			mysql_query("UPDATE `members` SET `last_ip` = '$user_ip' WHERE `id`='$user_id'");
			header('Location: http://lgmt.info/');
		} else {
			header('Location: http://lgmt.info/?event=error_login');
		}
	}
	
	if (($_GET['comment_delete']) AND ($_SESSION['rank'] == 3)) {
		$id = $_GET['comment_delete'];
		mysql_query("DELETE FROM `comments` WHERE `id`='$id'");
	}
	
	if (isset($_POST['new_email'])) {
		$id = $_SESSION['user_id'];
		$query = sprintf("UPDATE `members` SET `email` = '%s' WHERE `id`='$id'",
					htmlspecialchars(mysql_real_escape_string($_POST['new_email'])));
		mysql_query($query);
	}	
	if (isset($_POST['new_password'])) {
		$id = $_SESSION['user_id'];
		$new_password = sha1($_POST['new_password']);
		$query = sprintf("UPDATE `members` SET `password` = '%s' WHERE `id`='$id'",
					htmlspecialchars(mysql_real_escape_string($new_password)));
		mysql_query($query);
		header('Location: http://lgmt.info/?event=password_changed');
	}
	
	if (isset($_POST['pseudo']) AND isset($_POST['password']) AND ($_POST['pseudo']) AND ($_POST['password'])) {
		$r_username = $_POST['pseudo'];
		$r_password = sha1($_POST['password']);
		$r_email = $_POST['email'];
		
		$chk_username = fetch_user_infos($r_username, 'pseudo');
		if (!$chk_username) {
			$query = sprintf("INSERT INTO `members` (`pseudo`, `password`, `email`) VALUES('%s', '%s', '%s')",
				htmlspecialchars(mysql_real_escape_string($r_username)),
				htmlspecialchars(mysql_real_escape_string($r_password)),
				htmlspecialchars(mysql_real_escape_string($r_email)));
			mysql_query($query);
			
			$query = sprintf("SELECT * FROM `members` WHERE `pseudo`='%s'",
				mysql_real_escape_string($r_username));
				
			$check = mysql_query($query);
			if (!$check) {
				header('Location: http://lgmt.info/?event=error_register');
			}
			else {
				header('Location: http://lgmt.info/?event=registered');
			}
		} else {
			header('Location: http://lgmt.info/?event=already_registered');
		}
	}
	if (isset($_POST['title']) AND isset($_POST['news'])) {
		$title = $_POST['title'];
		$cat = $_POST['cat'];
		$img = $_POST['img'];
		$text = nl2br($_POST['news']);
		
		$query = sprintf("INSERT INTO `news` (`title`, `text`, `cat_id`, `by`, `img`) VALUES('%s','%s','%s','%s','%s')",
			mysql_real_escape_string($title),
			mysql_real_escape_string($text),
			mysql_real_escape_string($cat),
			$_SESSION['user_id'],
			mysql_real_escape_string($img));
			
		mysql_query($query);
		
		$query = sprintf("SELECT * FROM `news` WHERE `title`='%s'",
		mysql_real_escape_string($title));
		
		$check = mysql_query($query);
		if (!$check) {
			header('Location: http://lgmt.info/?event=news_fail');
		}
		else {
			header('Location: http://lgmt.info/?event=news_ok');
		}
	}
	if (isset($_POST['comment']) AND ($_SESSION['user_id'])) {
		$comment = $_POST['comment'];
		$news_id = $_POST['news_id'];
		$anti_spam_q = sprintf("SELECT * FROM `comments` WHERE `text`='%s' AND `by`='%s' AND `news`='%s' LIMIT 1",
			htmlspecialchars(mysql_real_escape_string($comment)),
			htmlspecialchars(mysql_real_escape_string($_SESSION['user_id'])),
			htmlspecialchars(mysql_real_escape_string($news_id)));
		$anti_spam = mysql_fetch_array(mysql_query($anti_spam_q));	
		if (!$anti_spam) {
			$query = sprintf("INSERT INTO `comments` (`text`, `by`, `news`) VALUES('%s', '%s', '%s')",
				htmlspecialchars(mysql_real_escape_string($comment)),
				htmlspecialchars(mysql_real_escape_string($_SESSION['user_id'])),
				htmlspecialchars(mysql_real_escape_string($news_id)));
			mysql_query($query);
		}
	}
	
	if (isset($_POST['edit_title']) AND isset($_POST['edit_news'])) {
		$news_id = $_GET['edit'];
		$query = sprintf("UPDATE `news` SET `title` = '%s', `text` = '%s', `img` = '%s' WHERE `id`='$news_id'",
			mysql_real_escape_string($_POST['edit_title']),
			mysql_real_escape_string(nl2br($_POST['edit_news'])),
			mysql_real_escape_string($_POST['edit_img']));
		mysql_query($query);
	}
	
	if (($_GET['verif'] == 1) AND ($_SESSION['rank'] > 1)) {
		$news_id = $_GET['news'];
		mysql_query("DELETE FROM `news` WHERE `id`='$news_id'");
	}
	
	if (isset($_POST['member_research'])) {
		$pseudo = $_POST['member_research'];
		$member = mysql_fetch_array(mysql_query("SELECT * FROM `members` WHERE `pseudo`='$pseudo'"));
		
		if (!$member) {
		header('Location: http://lgmt.info/?event=no_members');
		} else {
		$id = $member['id'];
		header("Location: http://lgmt.info/?members_edit=$id");
		}
	}
	
	if (isset($_POST['member_edit_name'])) {
		$members_id = $_POST['members_id'];
		$query = sprintf("UPDATE `members` SET `pseudo` = '%s', `rights` = '%s', `email` = '%s', `banned` = '%s', `presentation` = '%s' WHERE `id`='$members_id'",
			mysql_real_escape_string($_POST['member_edit_name']),
			mysql_real_escape_string($_POST['edit_rank']),
			mysql_real_escape_string($_POST['edit_email']),
			mysql_real_escape_string($_POST['banned']),
			mysql_real_escape_string($_POST['edit_presentation']));
		mysql_query($query);
	}
	
	if (isset($_POST['email_lost'])) {
		LostPassword($_POST['email_lost']);
	}
	
													####################################
													#### END OF PHP HEADERS DEFS    ####
													####                            ####
													#### HTML HEADER SEND & INIT !! ####
													####################################
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/>
		<title>LGMT Bêta : La Gazette Motion-Twin !</title>
		<meta name="description" content="Site de fan du réseau Motion-Twin. LGMT propose de rassembler toutes les actualités du réseau motion-twin"/>
		<script src="http://cdn.jquerytools.org/1.2.5/full/jquery.tools.min.js" type="text/javascript"></script>
		<script src="include/effects.js" type="text/javascript"></script>
		<script type="text/javascript">
		animatedcollapse.addDiv('register', 'fade=1')
		<?php
			$q_news = mysql_query("SELECT * FROM news ORDER BY `id` DESC LIMIT 0,15");
			while ($news = mysql_fetch_array($q_news)){
			$id = $news['id'];
			echo "animatedcollapse.addDiv('comment$id', 'fade=1')
			";
		}?>
		animatedcollapse.ontoggle=function($, divobj, state){ 
		}
		animatedcollapse.init()
		</script>
		<link rel="stylesheet" type="text/css" href="style.css"/>
		<link rel="shortcut icon" href="images/favicon.gif"/>
	</head>

	<body>
		<div id="bg_top"> </div>
		<div id="topbar" align="center">
			<?php
				if($_SESSION['username'] != null) {
				echo '<div id="connected" align="left">
				<ul>
					<li>Bienvenue, ' . $_SESSION['username'] . ' ! - </li>
					<li><div id="options">
						<ul>
							<li><a href="http://lgmt.info/?do=parameters"> <img src="images/new/BarreSup/Options/Securite.png" title="Paramètres du compte" border="0px" height="16px" width="16px"> Sécurité </a></li>
							<li><a href="http://lgmt.info/?action=disconnect"> <img src="images/new/BarreSup/Options/Deconnexion.png" title="Déconnexion" border="0px" height="16px" width="16px"> Déconnexion </a></li>
						</ul>
						</div>
					</li>';
					if($_SESSION['rank'] == 2 OR $_SESSION['rank'] == 3) {
					echo '<li><div id="redac">
						<ul>
							<li><a href="http://lgmt.info/?do=redac_write"> <img src="images/new/BarreSup/Redaction/New_nouveaute.png" title="Nouvel Article" border="0px" height="16px" width="16px"> Faire une news</a></li>
							<li><a href="http://lgmt.info/?do=redac_edit"> <img src="images/new/BarreSup/Redaction/Modif_nouveaute.png" title="Modifier les Articles" border="0px" height="16px" width="16px"> Modifier une news</a></li>
							<li><a href="http://lgmt.info/?do=article_write"> <img src="images/new/BarreSup/Redaction/New_article.png" title="Nouvel Article" border="0px" height="16px" width="16px"> Faire un article</a></li>
							<li><a href="http://lgmt.info/?do=article_edit"> <img src="images/new/BarreSup/Redaction/Modif_article.png" title="Modifier les Articles" border="0px" height="16px" width="16px"> Modifier un article</a></li>
						</ul>
						</div>
					</li>'; }
					if ($_SESSION['rank'] == 3) 
					echo '<li><div id="admin">
						<ul>
							<li><a href="http://lgmt.info/?do=admin_cat"> <img src="images/new/BarreSup/Administration/Gestion_categories.png" title="Administration des catégories" border="0px" height="16px" width="16px"> Gestion des catégories</a></li>
							<li><a href="http://lgmt.info/?do=admin_links"> <img src="images/new/BarreSup/Administration/Gestion_liens.png" title="Administration des liens" border="0px" height="16px" width="16px"> Gestion des liens</a></li>
							<li><a href="http://lgmt.info/?do=admin_members"> <img src="images/new/BarreSup/Administration/Gestion_membres.png" title="Administration des membres" border="0px" height="16px" width="16px"> Gestion des membres</a></li>
							<li><a href="http://lgmt.info/?do=admin_config"> <img src="images/new/BarreSup/Administration/Gestion_site.png" title="Paramètres du site" border="0px" height="16px" width="16px"> Gestion du site</a></li>
						</ul>
					</li>';
						
					//<a href="http://lgmt.info/"> <img src="images/icon/house.png" border="0px" width="16px" height="16px" title="Accueil"/> </a>
					//<a href="http://lgmt.info/feed.php"> <img src="images/icon/feed.png" border="0px" width="16px" height="16px" title="Flux RSS"/> </a>
					//<a href="?do=internal_news"> <img src="images/icon/newspaper.png" border="0px" width="16px" height="16px" title="Actualités Staff"/> </a>
					echo'</ul>
				</div>';
				} else {
				echo '
			<div id="login">
				<a href="#" class="btn modalInput" rel="#prompt">Connexion</a>
			</div>';
			}
			?>
			
			<div id="research" align="right"> 
				<form method="post" action="">
					<input type="text" style="border: 1px dotted #0CA8F6;" name="search"/> <button style="background-color: #0CA8F6;"> Rechercher </button>
				</form>
			</div>
		</div>
		<?php if(!$_SESSION['username']) { ?>
		<div class="modal" id="prompt">
			<h2>Formulaire de connexion</h2>
			<p>
				Si vous n'avez pas de compte : <a href="javascript:animatedcollapse.toggle('register')"> Inscrivez-vous ! </a>
			</p>
		<div id="register" style="display: none;" align="center">
			Inscription
			<form method="post" action="">
				Nom d'utilisateur <br/>
				<input type="text" name="pseudo" maxlength="32"/> <br/> <br/>
				Mot de passe <br/>
				<input type="password" name="password"/> <br/> <br/>
				<span style="color:red">Attention, pour des raisons de s&eacute;curit&eacute;, utilisez un mot de passe diff&eacute;rent que celui que vous utilisez sur les jeux Motion Twin.</span><br/><br/>
				Adresse e-mail <br/>
				<input type="text" name="email"/> <br/> <br/>
				<button type="submit"> S'inscrire ! </button> <br/> <br/>
			</form>
		</div>
		<div align="center">
			<form method="post" action="">
				Nom d'utilisateur  <br/>
				<input type="text" name="username"/> <br/> <br/>
				Mot de passe  <br/>
				<input type="password" name="pswd"/> <br/>
				<a href="?page=lost_password"> Mot de passe oublié </a> <br/> <br/>
				<div align="center"> <button type="submit"> Valider </button> - <button type="button" class="close"> Fermer </button> </div>
			</form> <br/>
		</div>
		</div>
		
		<?php
		}
		
		if ($_GET['do']) 	Actions($_GET['do']);
		if ($_GET['event'])	Event($_GET['event']);
		
		if ((isset($_GET['edit'])) AND ($_SESSION['rank'] > 1)) {
			$news_id = $_GET['edit'];
			$q_news = mysql_query("SELECT * FROM news WHERE id='$news_id' ORDER BY `id` DESC");
			$news = mysql_fetch_array($q_news);
			$news_title = $news['title'];
			$news_image = $news['img'];
			$news_text = stripslashes($news['text']);
			$news_text = str_replace("<br />","",$news_text);
			echo "	<div class='modal_large modder' id='popup'>
						<h2> Modification d'un article </h2>
						<div align='center'>
							<form method='POST' action=''>
								Titre <br/>
								<input type='text' name='edit_title' size='32' value='$news_title'/> <br/> <br/>
								Image de la news (lien) <br/>
								<input type='text' name='edit_img' size='32' value='$news_image'/> <br/> <br/>
								Texte de la news <br/>
								<textarea cols='56' rows='12' name='edit_news'>$news_text</textarea> <br/>
								<button type='submit'> Modifier </button>
							</form>
							</div>
							<div style='font-size: 10px; border: 1px solid black;'>
								Les images seront rendimensionnées en une largeur de 120 pixels. <br/>
								L'usage de balises html est autorisé par exemple : <br/>
								&lt;strong&gt; Texte en gras &lt;/strong&gt; <br/>
								&lt;em&gt Texte en italique &lt;/em&gt; <br/>
								&lt;u&gt Texte souligné &lt;/u&gt <br/>
								&lt;a href='http://cible_du_lien'&gt; Texte du lien &lt;/a&gt
							</div>
						<button type='button' class='close'> Fermer </button>
					</div>";
		}
		if ((isset($_GET['delete'])) AND ($_SESSION['rank'] > 1)) {
		$news_id = $_GET['delete'];
		$q_news = mysql_query("SELECT * FROM news WHERE id='$news_id'");
		$news = mysql_fetch_array($q_news);
		$news_title = stripslashes($news['title']);
		echo "<div class='modal modder' id='popup'>
				<h2> Suppression de news </h2>
				<p> Attention : Vous être sur le point du supprimer la news <strong> $news_title </strong> ! <br/>
					Êtes-vous sûr ? <br/>
					<div align='center'>
					<a href='?verif=1&news=$news_id'> <img src='images/icon/accept.png' title='Oui'/> </a> 
					<a href='http://lgmt.info/'> <img src='images/icon/cancel.png' title='Non'/> </a>
					</div>
				</p>
			</div>";
		}
		
		if ((isset($_GET['members_edit'])) AND ($_SESSION['rank'] == 3)) {
			$user_infos = fetch_user_infos($_GET['members_edit']);
			
			if ($user_infos['banned'] == 1) {
				$ban_state = '<span style="color: red;"> <strong> Cet utilisateur est banni </strong> </span>';
			} else {
				$ban_state = 'Cet utilisateur n\'est pas banni';
			}
			echo '<div class="modal modder" id="popup">
				<h2> Administration de l\'utilisateur ' . $user_infos['name'] .'</h2>
				<p> 
					Cet utilisateur est <strong> ' . $user_infos['rank'] . '. </strong> <br/> 
					' . $ban_state .' <br/>
					Dérnière IP connue de cet utilisateur : '. $user_infos['last_ip'] .' <br/>
						<div style="border: 1px solid black; padding: 3px;">
							<form method="POST" action="">
								<input type="hidden" name="members_id" value="'. $_GET['members_edit'] .'"/>
								Pseudo : <input type="text" name="member_edit_name" value="' . $user_infos['name'] .'"/> <br/>
								Adresse e-mail : <input type="text" name="edit_email"  value="' . $user_infos['email'] .'"/> <br/>
								Présentation (Page l\'équipe) : <input type="text" size="30" name="edit_presentation" value="' . $user_infos['presentation'] .'"/> <br/>
								Modifier Rang : <select name="edit_rank"> <option value="1"> Membre </option> <option value="2"> Rédacteur </option> <option value="3"> Administrateur </option> </select> <br/>
								Banni ? <select name="banned"> <option value="0"> Non </option> <option value="1"> Oui </option> </select> <br/> <br/>
								<button type="submit"> Modifier le membre </button>
							</form>
							Si le rang est modifié : l\'utilisateur devra se reconnecter pour voir les modifications.
						</div>
				</p>
				<button type="button" class="close"> Fermer </button>
			</div>';
		}
		
		switch($_GET['page']) {
			case 'about':
				echo "<div class='modal info' id='popup'>
					<h2> A propos de LGMT... </h2>
					<p> La Gazette de Motion-Twin est un projet créé par les joueurs, pour les joueurs. Le projet n’est en aucun cas lié à Motion-Twin et les informations diffusées sont de l’entière responsabilité des administrateurs de la gazette. <br/>
						La Gazette de Motion-Twin n’assure pas l’exactitude de ses informations. Des erreurs peuvent se glisser dans les articles. Dans ce cas, nous vous invitons à le signaler. <br/>
						La Gazette de Motion-Twin diffuse ses journaux sur le principe du bénévolat. Le gazette à été créé par passion et ne génère aucun revenu financier. <br/>
						Motion-Twin ne valide pas les informations diffusées dans les gazettes et sur le site. <br/>
						Pour toutes suggestions, demandes d’informations ou besoin d’aide adressez-vous à <a href='mailto:support@lgmt.info'> cette adresse </a> <br/> <br/>
						
						LGMT a été développé par Halfman avec l'aide de Somberlord. Les images et la présentation générale de LGMT ont été faites par Atar7.
					</p>
					<button type='button' class='close'> Fermer </button>
				</div>";
			break;
			case 'lost_password':
				echo "<div class='modal password' id='popup'>
					<h2> Mot de passe oublié </h2>
					<p>
						<form method='POST' action=''>
						Veuillez entrer l'adresse email associée au compte. <br/>
						<input type='text' name='email_lost'/> <button type='submit'> Valider </button>
						</form>
					</p>
					<button type='button' class='close'> Fermer </button>
				</div>";
			break;			
			case 'team':
			$admin_q = mysql_query("SELECT * FROM `members` WHERE `rights`='3'");
			$redac_q = mysql_query("SELECT * FROM `members` WHERE `rights`='2'");
				echo "<div class='modal_large team' id='popup'>
					<h2> L'équipe LGMT </h2>
					<p> <h3> Les Admins </h3>";
				while ($admin = mysql_fetch_array($admin_q)) {
					echo '<img src="images/icon/admin.png"/> ' . $admin['pseudo'] . ' : ' . $admin['presentation'] . ' <br/> ';
				}
				echo " <hr/>
					<h3> Les Rédacteurs </h3>";
				while ($redac = mysql_fetch_array($redac_q)) {
					echo '<img src="images/icon/redac.png"/> ' . $redac['pseudo'] . ' : ' . $redac['presentation'] . ' <br/> ';
				}
				echo"	</p>
					<button type='button' class='close'> Fermer </button>
				</div>";
			break;
		}
		?>
	
		<div id="wrap">
			<div id="banner"> <a href="http://lgmt.info/"> </a> </div>
			<div id="left">
				<div class="l_block">
					<div class="block_title" align="center"> Informations et liens utiles </div>
					<div class="block_inside">
						<?php
							$q_links = mysql_query('SELECT * FROM links ORDER BY title ASC');
							
							while ($links = mysql_fetch_array($q_links)) {
						echo '<img src="' . $links['icon'] .'" width="16px" height="16px"/> <a href="' . $links['target'] .'"> ' . utf8_encode($links['title']) . ' </a> <br/>
						';
							}
							$query = mysql_query('SELECT COUNT(*) AS nbre_entrees FROM connected WHERE ip=\'' . $_SERVER['REMOTE_ADDR'] . '\'');
							$donnees = mysql_fetch_array($query);

							if ($donnees['nbre_entrees'] == 0) 
							{
								mysql_query('INSERT INTO connected VALUES(\'' . $_SERVER['REMOTE_ADDR'] . '\', ' . time() . ')');
							}
							else
							{
								mysql_query('UPDATE connected SET timestamp=' . time() . ' WHERE ip=\'' . $_SERVER['REMOTE_ADDR'] . '\'');
							}


							$timestamp_5min = time() - (60 * 15); 
							mysql_query('DELETE FROM connected WHERE timestamp < ' . $timestamp_5min);

							$retour = mysql_query('SELECT COUNT(*) AS nbre_entrees FROM connected');
							$donnees = mysql_fetch_array($retour);
							$Count = $donnees['nbre_entrees'];
							echo ' <br/> Membres connectés : '. $Count;
						?>
					</div>
					<div class="block_foot"> </div>
				</div>
				<div class="l_block">
					<div class="block_title" align="center"> Tri par catégories </div>
					<div class="block_inside">
						<?php
							$q_cat = mysql_query('SELECT * FROM cat ORDER BY name ASC');
							
							while ($cat = mysql_fetch_array($q_cat)) {
						echo '<img src="' . $cat['icon'] .'" width="16px"/> <a href="?cat=' . $cat['id'] .'"> ' . utf8_encode($cat['name']) . ' </a> <br/>
						';
							}
						?>
					</div>
					<div class="block_foot"> </div>
				</div>
				<div class="l_block">
					<div class="block_title" align="center"> Derniers Inscrits </div>
					<div class="block_inside">
						<?php
							$q_last_members = mysql_query('SELECT * FROM `members` ORDER BY `id` DESC LIMIT 0,10');
							
							while ($last_members = mysql_fetch_array($q_last_members)) {
						echo $last_members['pseudo'] . ' <br/>';
							}
						?>
					</div>
					<div class="block_foot"> </div>
				</div>
				<div class="l_block">
					<div class="block_title" align="center"> Le sondage du mois </div>
					<div class="block_inside survey">
						<object width="220" height="260">
							<param name="movie" value="http://www.pixule.com/sondage.swf?key=139484015789" />
							<embed src="http://www.pixule.com/sondage.swf?key=139484015789" type="application/x-shockwave-flash" width="220" height="260" />
						</object>
					</div>
					<div class="block_foot"> </div>
				</div>
			</div>
			<div id="middle">
				<?php
				
				if (!$_GET['more']) {
					if (isset($_GET['cat'])) {
					$query = sprintf("SELECT * FROM news WHERE cat_id='%s' ORDER BY `id` DESC LIMIT 0,10",
						mysql_real_escape_string($_GET['cat']));
					$q_news = mysql_query($query);
					} else {
					$q_news = mysql_query("SELECT * FROM news ORDER BY `id` DESC LIMIT 0,15");
					}
					while ($news = mysql_fetch_array($q_news)):
						$author = fetch_user_infos($news['by']);
						$cat_id = $news['cat_id'];
						$cat_q = mysql_query("SELECT * FROM cat WHERE id='$cat_id'");
						$cat = mysql_fetch_array($cat_q);
						$news['text'] = stripslashes($news['text']);
						$news['title'] = stripslashes($news['title']);
						$news_id = $news['id'];
						$comments_q = mysql_query("SELECT COUNT(*) FROM comments WHERE news='$news_id'");
						$comments = mysql_fetch_row($comments_q);
					echo '
				<div class="whole_news">
					<div class="news" align="center">
						<div class="ribbon ' . $cat['tag'] . '" align="left"> <strong> ' . $news['title'] . '</strong> </div>
						<div class="infos">
							<img src="' . $news['img'] . '" width="120px" class="img_news"/> <br/>
							<img src="' . $author['img'] . '" width="16px" height="16px" title="' . $author['rank'] .'"/> ' . $author['name'] .' <br/>
							' . $news['date'] .' <br/>
							<a href="?more=' . $news['id'] .'"> '. $comments[0] .' Commentaire(s) </a><br/>
							<a href="javascript:animatedcollapse.toggle(\'comment' . $news['id'] .'\')" style="margin-top: 1px;"> <img src="images/icon/comments.png" border="0px"/> Commenter </a>
						</div>
						<div class="text" align="right"> ' . $news['text'] . '
						</div>
						<div class="comment_form" id="comment' . $news['id'] . '" style="display: none;">';
						if ($_SESSION['username'] != null) {
							echo '<form method="POST" action="">
								<input type="hidden" name="news_id" value="'. $news['id'] .'"/>
								<textarea cols="42" rows="8" name="comment"></textarea> <br/>
								<button type="submit"> Envoyer ! </button>
							</form>';
							} else {
							echo 'Vous devez être connecté pour pouvoir poster un commentaire !';
							}echo '
						</div>
					</div>';
						echo comments($news['id'], true);
					echo '</div>
					<div class="news_footer"> </div>
					<div class="esp"> </div>
				</div>
				&nbsp;';
				endwhile;
				} else {
					$news_id = $_GET['more'];
					$q_news = mysql_query("SELECT * FROM news WHERE id='$news_id' ORDER BY `id` DESC");
					$news = mysql_fetch_array($q_news);
					$author = fetch_user_infos($news['by']);
					$cat_id = $news['cat_id'];
					$cat_q = mysql_query("SELECT * FROM cat WHERE id='$cat_id'");
					$cat = mysql_fetch_array($cat_q);
					$news['text'] = stripslashes($news['text']);
					$news['title'] = stripslashes($news['title']);
					$comments_q = mysql_query("SELECT COUNT(*) FROM comments WHERE news='$news_id'");
					$comments = mysql_fetch_row($comments_q);
					echo '
				<div class="whole_news">
					<div class="news" align="center">
						<div class="ribbon ' . $cat['tag'] . '" align="left"> <strong> ' . $news['title'] . '</strong> </div>
						<div class="infos">
							<img src="' . $news['img'] . '" width="120px" class="img_news"/> <br/>
							<img src="' . $author['img'] . '" width="16px" height="16px" title="' . $author['rank'] .'"/> ' . $author['name'] .' <br/>
							' . $news['date'] .' <br/>
							<a href="?more=' . $news['id'] .'"> '. $comments[0] .' Commentaire(s) </a><br/>
							<a href="javascript:animatedcollapse.toggle(\'comment' . $news['id'] .'\')" style="margin-top: 1px;"> <img src="images/icon/comments.png" border="0px"/> Commenter </a>
						</div>
						<div class="text" align="right"> ' . $news['text'] . '
						</div>
						<div class="comment_form" id="comment' . $news['id'] . '" style="display: none;">';
						if ($_SESSION['username'] != null) {
							echo '<form method="POST" action="">
								<input type="hidden" name="news_id" value="'. $news['id'] .'"/>
								<textarea cols="42" rows="8" name="comment"></textarea> <br/>
								<button type="submit"> Envoyer ! </button>
							</form>';
							} else {
							echo 'Vous devez être connecté pour pouvoir poster un commentaire !';
							}
					echo '
						</div>
					<br/> <br/>
					<div align="left" class="all_comments">';
					$q_comment = mysql_query("SELECT * FROM comments WHERE news='$news_id' ORDER BY id ASC");
					
					while ($comment = mysql_fetch_array($q_comment)) {
					$i++;
					$user_infos = fetch_user_infos($comment['by']);
					if ($_SESSION['rank'] == 3) {
					echo '<br/> <a href="?comment_delete=' . $comment['id'] .'"> <img src="images/icon/cross.png" width="13px" height="13px"/> </a> #' . $i .' Par '; }
					if ($user_infos['rights'] == 2) {
							echo '	<img src="images/icon/redac.png" width="16px" height="16px"/>'. $user_infos['name'].', ' . $comment['date'];
							}							
							elseif ($user_infos['rights'] == 3) {
							echo '	<img src="images/icon/admin.png" width="16px" height="16px"/>'. $user_infos['name'].', ' . $comment['date'];
							}							
							else {
							echo  $user_infos['name'].', ' . $comment['date'];
							}
					echo ' : <br/>
					' . ShowSmileys(stripslashes(nl2br($comment['text']))) . '<br/> <br/> <div class="line_dotted"> </div>';
					}
					echo '</div>
					</div>';
					comments($news['id'], true);
					echo '</div>
					<div class="news_footer"> </div>
				</div>
				</div>
				';
				}?>
			<div style="clear: both;"> </div>
			<div id="footer" align="center">
				Copyright &copy; 2011 - LGMT.info : La Gazette Motion-Twin <br/> 
				Dev by Halfman - Images by Atar7 <br/>
				Certaines images appartiennent à Motion-Twin.
			<div class="news_footer"> </div>
			</div>
		</div>
		<div id="bg_btm"> </div>
		<script>
			$(document).ready(function() {
			var triggers = $(".modalInput").overlay({
				mask: {
					color: '#222222',
					loadSpeed: 200,
					opacity: 0.85
				},
				closeOnClick: true,
				left: "center",
				top: "center"
			});
			$("#prompt form").submit(function(e) {
				triggers.eq(1).overlay().close();
				var input = $("input", this).val();
				triggers.eq(1).html(input);
			});
			})
			$(document).ready(function() {
			$("#popup").overlay({
				mask: {
					color: '#222222',
					loadSpeed: 200,
					opacity: 0.85
				},
				fixed: false,
				closeOnClick: true,
				left: "center",
				top: "center",
				load: true
			});
			});
		</script>
		<!-- Copyright - 2011 : LGMT - All rights Reserved -->
	</body>
</html>
<?php
	mysql_close();
?>